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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

• If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on 15 October 2001 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-13 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [3 Claim(s) 1-13 is/are rejected. 

7) E3 Claim(s) 7-73 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1 - 1 3 are pending. 

Claim Objections 

2. Claims 1-13 are objected to as being sentence fragments. It has been the practice of the 
USPTO under MPEP 608.01(m) that every claim be a single sentence. Applicant's claims are 
currently sentence fragments. Correction is required. 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 1-3, 6, 8, 9, 10 , 12 are rejected under 35 USC § 102(b) as being anticipated by 
Ohashi et al, US patent 5761309. 

In reference to claim 1 : 

Ohashi et al. discloses a method for the management of certificates stored on an identity module, 
said method comprising: 
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Providing an identity module comprising a data processing device(where the identity module is 
the smart card and the smart card contains a central processing unit)(Column 5, lines 5-8), a 
storage device connected to said data processing device(where the storage device is the memory 
on the smart card)(Column 5, lines 5-8), a card certificate stored on the storage device(Column 6, 
lines 13-18), an application which uses the certificate stored on the identity module( Column 6, 
lines 35-40), and a data transfer device which is connected to said data processing device and 
which is provided with a communication interface for the transfer of information between an 
external device and the identity module(Figure 6, Item 1 1 "Card Reader/Writer") 

• Receiving a certificate to the identity module, where the certificate is issued. (Column 6, 
lines 13-18) 

• Authenticating said certificate by means of said card certificate, where the certificate is 
used in its authentication process. (Column 6, lines 17-25) 

• Storing information obtained from said authenticated certificate on said storage device, 
where the certificate is stored. (Column 6, lines 13-18) 



In reference to claim 2: 

Ohashi et al. (Column 3, lines 34-37) discloses a method according to claim 1, further 
comprising filtering said authenticated certificate to remove a certification chain contained in 
said authenticated certificate, where a certification chain is the chain of authorities which were 
involved in distributing a certificate, and where this information can be filtered out of the 
certificate. 
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In reference to claim 3: 

Ohashi et al. (Column 6, lines 18-25) discloses a method according to claim 1, wherein said 
certificate is authenticated by means of the card certificate before its use, where the certificate is 
authenticated prior to being used by the master authentication center in a later step. 

In reference to claim 6: 

Ohashi et al. (Column 6, lines 18-25) discloses a method according to claim 1, further 
comprising verifying whether said certificate is authentic before its use, and when authenticity 
cannot be verified, rejecting said certificate, where the certificate is used if it is determined to be 
valid. 

Claim 8 is rejected for the same reasons as claim 1 . 
Claim 9 is rejected for the same reasons as claim 2. 
Claim 10 is rejected for the same reasons as claim 3. 
Claim 12 is rejected for the same reasons as claim 6. 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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6. Claims 4, 5, 1 1, 7, 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ohashi et al. 



In reference to claim 4: 

Ohashi et al. discloses a method according to claim 1, wherein said stored information comprises 
a public key and an associated identity, where the associated identity is the user PIN. (Column 5, 
line 64 - Column 6, line 8) 



The examiner takes official notice that putting a public key within a digital certificate was well 
known at the time of invention. In fact, a digital certificate is almost always comprised of user 
information and a public key that is digitally signed. While this may not always be the case, this 
is nevertheless the common understanding of the term. A definition is taken from the Wikipedia. 



Public key certjf fc^t^i ; ; 

;(Redireeted,from Digital certificate ) 



ihe nam0 pf a pebispn 



Gr&noi^anisati^ 



be Used :tdiverify - that a public key; belongs 16 Jan individual. 
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It would have been obvious to one of ordinary skill in the art at the time of invention to include 
within the stored certificate a public key since that is the common definition of the contents of a 
digital certificate. 

In reference to claim 5: 

Ohashi et al. fails to disclose a method according to claim 1, further comprising verifying 
whether said certificate is authentic prior to storage, and when authenticity cannot be verified, 
rejected said certificate. 

Ohashi et al. (Column 6, lines 18-25) does disclose a method according to claim 1, further 
comprising verifying whether said certificate is authentic prior to usage after storage, and when 
authenticity cannot be verified, rejected said certificate. 

It would have been obvious to one of ordinary skill in the art at the time of invention to verifying 
the certificate prior to storage in order to ensure the certificate being stored is authentic and avoid 
the wasting of storage space storing a certificate that was fraudulent. 

In reference to claim 7: 

Ohashi et al. fails to explicitly disclose a method according to claim 2, wherein the filtering 
comprises verifying whether each signature in said certificate is authentic, and filtering out only 
signatures that the verification proves to be authentic. 
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Ohashi et al. (Column 6, lines 15-23) discloses that the certificate are verified for authenticity. 

A digital certificate as understood in the art to include a public key along with authentication 
information that is digitally signed. A digital signature is an encryption with a private key, the 
idea being that anyone(with the public key) should be able to read a digital signature, but only 
the signer should be able to create the signature. Thus digital certificates are verified by 
decrypting the digital signature. 

The Examiner takes official notice that validating a certificate by checking if the signature itself 
is authentic and filtering out the signatures that are not verified was well known at the time of 
invention, where the filtering of a signature is if the digital signature is fraudulent. 

It would have been obvious to one of ordinary skill in the art at the time of invention to check the 
digital signature itself of the digital certificate, and or consider or "filter" a signature that did not 
pass the steps of authentication as part of the process to verify the digital certificate. 

Claim 1 1 is rejected for the same reasons as claim 5. 
Claim 13 is rejected for the same reasons as claim 7. 

Conclusion 

7. The following art not relied upon is made of record. 
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• US patent 5,629,980 discloses a method of content distribution that uses an advanced 
digital license/certificate containing various user information. 

• US patent 4868877 discloses digital certificates and their contents thereof. 

• US patent 6101477 discloses a smartcard with a smartcard certificate. 

8. Any inquiry concerning this communication from the examiner should be directed to 
Thomas M Ho whose telephone number is (571)272-3835. The examiner can normally be 
reached on M-F from 9:30 AM - 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gregory A. Morse can be reached on (571)272-3838. 

The Examiner may also be reached through email through Thomas . Ho6@uspto . go v 

Any inquiry of a general nature or relating to the status of this application or proceeding should - 
be directed to the receptionist whose telephone number is (571)272-2100. 

General Information/Receptionist Telephone: 571-272-2100 Fax: 703-872-9306 

Customer Service Representative Telephone: 571-272-2100 Fax: 703-872-9306 



March 19 th , 2005 



TMH 




